//@login & register
const express=require("express");
const router=express.Router();//实例化

//引入bcrypt
const bcrypt = require('bcryptjs');
// //引入gravatar
const gravatar = require('gravatar');
// //引入jsonwebtoken
const jwt=require("jsonwebtoken");
// //引入passport
const passport=require("passport");

//引入User
const User=require("../../models/User");
const keys = require("../../config/keys");

// $router GET api/users/test
// @desc 返回请求的json数据
// @access public
// 当访问localhost/test的时候返回
router.get("/test",(req,res)=>{
    res.json({msg:"login works"})
})


//$router POST api/users/register
//@desc 返回请求的json数据
//@access public
router.post("/register",(req,res)=>{
    // console.log(req.body);

    //查询数据库中是否有邮箱
    User.findOne({email:req.body.email})
         .then((user)=>{
             if(user){
                  return res.status(400).json("邮箱已被注册！")
             }else{
                const avatar = gravatar.url(req.body.email, {s: '200', r: 'pg', d: 'mm'});

                 const newUser=new User({
                     name:req.body.name,
                     email:req.body.email,
                     avatar,
                     password:req.body.password,
                     identity:req.body.identity
                 })

                 //加密密码
                 bcrypt.genSalt(10, function(err, salt) {
                    bcrypt.hash(newUser.password, salt,(err, hash)=> {
                        if(err) throw err;

                        newUser.password=hash;

                        //调用存储方法
                        newUser.save()
                               .then(user=>res.json(user))
                               .catch(err=>console.log(err));
                    });
                });
             }
            
         })
})


//$router POST api/users/login
//@desc 返回token jwt passport
//@access public

router.post("/login",(req,res)=>{
    const email=req.body.email;
    const password=req.body.password;

    //查询数据库
    User.findOne({email})
        .then(user=>{
            if(!user){
                return res.status(404).json("用户不存在！");
            }

            //密码匹配
            bcrypt.compare(password,user.password)
                  .then(isMatch=>{
                      if(isMatch){

                        const rule={
                            id:user.id,
                            name:user.name,
                            avatar:user.avatar,
                            identity:user.identity
                        };

                        //生成token
                        jwt.sign(rule,keys.secretOrKey,{expiresIn:36000},(err,token)=>{
                            if(err) throw err;
                            res.json({
                                success:true,
                                token:"Bearer "+token
                            });
                        })

                        // jwt.sign("规则","加密","过期时间","箭头函数");  
                        // res.json({msg:"success"});
                      }else{
                          return res.status(400).json("密码错误！");
                      }
                  })
        })
})



//$router GET api/users/current
//@desc return current user
//@access private
//验证token
router.get("/current",passport.authenticate("jwt",{session:false}),(req,res)=>{
    res.json({
        id:req.user.id,
        name:req.user.name,
        email:req.user.email,
        identity:req.user.identity
    });

})



module.exports=router;